# Windows 内核特权提升漏洞
## 概述
该漏洞为Windows操作系统内核中的权限提升漏洞。攻击者可以在目标系统上执行任意代码,从而提升权限。
## 影响版本
- Windows 10版本1903, 1909, 2004, 20H2, 21H1, 21H2
- Windows Server 2019
- Windows Server 2022
## 细节
该漏洞存在于Windows内核的处理方式中。攻击者可利用此漏洞通过运行特制的应用程序来在本地系统上获得提升的权限。成功利用此漏洞的攻击者可以执行任意代码,并安装程序、查看、更改或删除数据,或者创建拥有完全用户权限的新账户。
## 影响
攻击者若成功利用此漏洞,可以实现本地权限提升,从而完全控制受影响的系统。建议用户尽快更新系统补丁,以防止该漏洞被利用。
| # | POC 描述 | 源链接 | 神龙链接 |
|---|---|---|---|
| 1 | CVE-2024-21338 Windows Kernel Elevation of Privilege Vulnerability | https://github.com/gogobuster/CVE-2024-21338-POC | POC详情 |
| 2 | CVE-2024-21338 Windows Kernel Elevation of Privilege Vulnerability Zero-day | https://github.com/crackmapEZec/CVE-2024-21338-POC | POC详情 |
| 3 | Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled. | https://github.com/hakaioffsec/CVE-2024-21338 | POC详情 |
| 4 | Fork of https://github.com/hakaioffsec/CVE-2024-21338 | https://github.com/UMU618/CVE-2024-21338 | POC详情 |
| 5 | PoC for the Untrusted Pointer Dereference in the appid.sys driver | https://github.com/varwara/CVE-2024-21338 | POC详情 |
| 6 | Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled. | https://github.com/Zombie-Kaiser/CVE-2024-21338-x64-build- | POC详情 |
| 7 | None | https://github.com/tykawaii98/CVE-2024-21338_PoC | POC详情 |
| 8 | Windows AppLocker Driver (appid.sys) LPE | https://github.com/Crowdfense/CVE-2024-21338 | POC详情 |
| 9 | kcfg bypass example - CVE-2024-21338 | https://github.com/hackyboiz/kcfg-bypass | POC详情 |
| 10 | PoC for the Untrusted Pointer Dereference in the appid.sys driver | https://github.com/wusijie/CVE-2024-21338-1 | POC详情 |
暂无评论